﻿@{
    ViewBag.Title = "Common Command";
    Layout = "~/Views/Shared/_Layout.cshtml";
}
       <ol class="breadcrumb">
    <li><a href="/Home.html">Home</a></li>
    <li><a href="/WebApp/WebApi"> Sanelib WebApp</a></li>
    <li class="active">User Session</li>
</ol>
      
            
            <div id="introduction">
                <h1 class="text-left">Services</h1>
                <h4>IUserSession Interface</h4>
                <p>In the IUserSession is defined to the three method and used for the current user session and if the user is currently not logged in then the redirected to the LoginForm and User when Requested to the LogOff then alos clear the session and redirect to the LoginForm</p>
                <pre><code>
public interface IUserSession
{
	MemberView GetCurrentUser();
	bool Login(LoginForm request, ref string message);
	void LogOff();                         
}
</code></pre>
                <p>All above methods are see in detail in the UserSession Class</p>
            </div>
            <div id="start">
                <h4>UserSession Class</h4>
                <h3>Class Implements : IUserSession</h3>
                <table class="table-condensed table-striped">
                    <tr>
                        <th>Constructor</th>
                        <th>Parameters</th>
                    </tr>
                    <tr>
                        <td class="table-bordered">IViewRepository&lt;MemberView&gt;</td>
                        <td class="table-bordered">IAuthenticationService</td>
                    </tr>
                </table>
                <p>then after local variables are assigned to the instance variable that are the same type of the instance variables</p>
                <p>In this class to implements all the methods that are defined into the IUserSession interface</p>

                <ol id="method">
                    <li>
                        <p><b>GetCurrentUser() :</b></p>
                        <pre><code>
 public MemberView GetCurrentUser()
{
    var identity = HttpContext.Current.User.Identity;
    if (!identity.IsAuthenticated) return null;
    var currentUser = _memberRepository.GetByKey(Property.Of&lt;Member&gt;(x => x.Code), identity.Name);
            
    if (currentUser == null)
        throw new InvalidCredentialException("That user doesn't exist or is not valid.");
    return currentUser;
}
</code></pre>
                        <p>here, in the above method is get the identity of the current user by the use of the <abbr title="use the class System.Web.HttpContext" class="btn-link">HttpContext</abbr></p>
                        <p>and if the there has not a user loggedIn then throw the Exception to the <a href="/WebApp/SmartApi">SmartApiController</a> to the InvalidCredentialException</p>
                        <p>otherwise return to the CurrentUser</p>
                    </li>
                    <li>
                        <p><b>Login() :</b></p>
                        <pre><code>
public bool Login(LoginForm form, ref string message)
{
    var user = _memberRepository.GetByKey(Property.Of&lt;Member&gt;(x => x.Code), form.Username);
    if (user == null)
    {
        message = UserDoesNotExistMssg;
        return false;
    }
    if (user.UserStatus != null && user.UserStatus.Equals(UserStatus.Disabled))
    {
        message = LockedAccountMssg;
        return false;
    }
    var validUser = _authenticationService.PasswordMatches(user, form.Password);
    if (validUser)
    {
        if (!user.LastPasswordChangedDate.HasValue)
        {
            message = ExpiredPasswordMssg;
            return false;
        }
        var passwordExpirationDate = user.LastPasswordChangedDate.Value.AddMonths(PasswordValidPeriod);
        var gap = (passwordExpirationDate - SystemTime.Now()).Days;
        if (gap &lt;= 0)
        {
            message = ExpiredPasswordMssg;
            return false;
        }
        if (gap &lt;= PasswordExpirationGracePeriod)
        {
            message = string.Format(ExpiringPasswordMssgTemplate, gap);
        }
        EventCoordinator.Raise(new UserCompletedLogIn(user.Id));
        FormsAuthentication.SetAuthCookie(form.Username, false);
        return true;
    }
    message = "Invalid UserName/Password";
    EventCoordinator.Raise(new UserCredentialMismatch(user.Id));
    return false;
}
</code></pre>
                        <p>here,in the <b>Login()</b> method pass the parameters of the LoginForm and the string message</p>
                        <p>and the get the current user key used to the GetByKey from the IViewRepository</p>
                        <p>if return a null then user not exists</p>
                        <p>and if the user more than try for the user credential then the Locked the Account Message and the user status is disable</p>
                        <p>validUser is passed to the <a href="AuthenticationService.html" class="btn-link">PasswordMatches</a> from the AuthenticationService and the throw the Exception of InvalidCredentialException</p>
                        <p>and the <b>LogOff()</b> is clear the current user session</p>

                    </li>

                </ol>
            </div>
       